Cybercriminals now gearing towards deception-based attacks

[Audrey McNeil <audrey () riskbasedsecurity com>]

http://www.mis-asia.com/resource/industries/cybercriminals-now-gearing-towards-deception-based-attacks-microsoft/

Cybercriminals are increasingly turning to deceptive tactics for malicious
purposes such as stealing people's personal and financial information.

This is according to Microsoft's latest research findings, which show that
in the last quarter of 2013, the number of computers that had to be
disinfected as a result of deceptive tactics more than tripled compared to
past years.

This increase in deceptive tactics correlates with a 70-percent decline in
the number of severe vulnerabilities exploited in Microsoft products
between 2010 and 2013. This shows that newer products are providing better
protection. Additionally, the increased adoption of several key security
mitigations across the industry are making it more difficult and expensive
for cybercriminals to develop software exploits.

Types of deception-based attacks

According to Microsoft’s new data, one of the most dominant deceptive
techniques used worldwide in the second half of 2013 was deceptive
downloads.These downloads were identified as a top threat in 95 percent of
the 110 countries and regions that Microsoft polled.

Cybercriminals enticed users to download malware hidden behind legitimate
content such as software, music or videos found online. Infected machines
often continue to function, and the only observable signs of infection
might be slower system performancesor unexpected search results popping up
in a browser. Over time, fraudulent activities happening surreptitiously
could tarnish the victim’s online reputation, in addition to being banned
from secured websites.

Another form of deception is ransomware, which often pretends to be an
official-looking warning from a renowned law enforcement agency. It then
accuses its victim of committing a computer-related crime, and demands them
to pay a fine to regain control of the computer.

Ransomware is geographically concentrated, but its deployment is gaining
popularity. In fact, the reported cases of top ransomware, Reveton,
increased by 45 percent between the first and second half of 2013.

Singapore is in the safe zone

Singapore is one of the countries that has a very low malware encounter
rate, together with New Zealand, Australia and United States.

Countries like Thailand, Malaysia, Philippines, Vietnam, India and
Indonesia however, experienced very high malware encounter rates.

Microsoft’s research findings revealed that the top three deceptive threats
in Singapore during the fourth quarter of 2013 were Rotbrow (1.9 percent),
Brantall (1.9 percent), and Obfuscator (1.4 percent).

Additionally, for the most common type of malware encountered in Singapore
during that same quarter, the top three were noted to be miscellaneous
Trojans (5.1 percent), Trojan Downloaders and Droppers (4.3 percent), and
Worms (2.5 percent).

Although these statistics show that Singapore is not impervious to cyber
attacks, both the malware encounter rate and infection rate for Singapore
is well below the worldwide average.

Tim Rains, Trustworthy Computing Director of Microsoft, attributes this
positive trend to “institutional stability”.

Quoting the Arab Spring in Egypt as an example, he says: “When the Arab
Spring started, malware infection rates started to go up because there’s
unrest in the country. Then when the President stepped down, the malware
infection rates went up even more. But when elections were announced, the
infection rates went down. So what we saw was a correlation between some of
the institutional stability factors like regime stability and demographic
stability.”

“What we postulate from this is public-private partnership. When the
government stops working or becomes less effective, oftentimes, those
public-private partnership stops working too. When that happens, you start
to see malware infection rates go up,” he says.

“In Singapore, I can tell the public-private partnership here – between
Microsoft, the industry and the government – is very positive; and I think
that’s a big reason why the malware infection rates here are kept
consistently low.”

Prevention is better than cure

Microsoft’s Rains advises customers to take a few actions to help keep
themselves protected.

Some recommendations include using newer software whenever possible and
keeping it up to date, only downloading from trusted sources, running
up-to-date antivirus, thinking twice before clicking on a link or
attachment, and backing up files.

He further advises: “If you don’t trust the source of the software, then
don’t trust the software itself. Don’t simply download it because it’s
free."

_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss
For inquiries regarding use or licensing of data, e-mail
        sales () riskbasedsecurity com 

Supporters:

Risk Based Security (http://www.riskbasedsecurity.com/)
YourCISO is an affordable SaaS solution that provides a comprehensive information security program that ensures focus 
on the right security.  If you need security help or want to provide real risk reduction for your clients contact us!